package cn.signalpha.modules.auth.utils;

import cn.signalpha.core.launch.constant.TokenConstant;
import cn.signalpha.core.log.exception.ServiceException;
import cn.signalpha.core.secure.TokenInfo;
import cn.signalpha.core.secure.utils.SecureUtil;
import cn.signalpha.core.tool.support.Kv;
import cn.signalpha.core.tool.utils.Func;
import cn.signalpha.modules.auth.dto.UserInfo;

import java.util.HashMap;
import java.util.Map;

/**
 * 认证工具类
 */
public class TokenUtil {

	public final static String CAPTCHA_HEADER_KEY = "Captcha-Key";
	public final static String CAPTCHA_HEADER_CODE = "Captcha-Code";
	public final static String CAPTCHA_NOT_CORRECT = "验证码不正确";
	public final static String TENANT_HEADER_KEY = "Tenant-Id";
	public final static String DEFAULT_TENANT_ID = "000000";
	public final static String USER_TYPE_HEADER_KEY = "User-Type";
	public final static String DEFAULT_USER_TYPE = "web";
	public final static String TOKEN_NOT_PERMISSION = "令牌授权已过期";
	public final static String USER_NOT_FOUND = "用户名或密码错误";
	public final static String USER_HAS_NO_ROLE = "未获得用户的角色信息";
	public final static String USER_HAS_NO_TENANT = "未获得用户的租户信息";
	public final static String USER_HAS_NO_TENANT_PERMISSION = "租户授权已过期,请联系管理员";
	public final static String USER_HAS_TOO_MANY_FAILS = "登录错误次数过多,请稍后再试";
	public final static String HEADER_KEY = "Authorization";
	public final static String HEADER_PREFIX = "Basic ";
	public final static String DEFAULT_AVATAR = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png";

	/**
	 * 创建认证token
	 *
	 * @param userInfo 用户信息
	 * @return token
	 */
	public static Kv createAuthInfo(UserInfo userInfo) {
		Kv authInfo = Kv.create();

		//设置jwt参数
		Map<String, Object> param = new HashMap<>(16);
		param.put(TokenConstant.TOKEN_TYPE, TokenConstant.ACCESS_TOKEN);
		param.put(TokenConstant.USER_ID, Func.toStr(userInfo.getId()));
		param.put(TokenConstant.DEPT_ID, userInfo.getDeptId());
		param.put(TokenConstant.ROLE_ID, userInfo.getRoleId());
		param.put(TokenConstant.OAUTH_ID, userInfo.getOauthId());
		param.put(TokenConstant.ACCOUNT, userInfo.getAccount());
		param.put(TokenConstant.USER_NAME, userInfo.getAccount());
		param.put(TokenConstant.NICK_NAME, userInfo.getNickName());
		param.put(TokenConstant.ROLE_NAME, Func.join(userInfo.getRoles()));
		param.put(TokenConstant.DETAIL, userInfo.getDetail());
		param.put(TokenConstant.TENANT_ID, Func.toStrWithEmpty(userInfo.getTenantId(), DEFAULT_TENANT_ID));

		//拼装accessToken
		try {
			TokenInfo accessToken = SecureUtil.createJWT(param, "audience", "issuser", TokenConstant.ACCESS_TOKEN);
			//返回accessToken
			return authInfo
				.set(TokenConstant.USER_ID, Func.toStr(userInfo.getId()))
				.set(TokenConstant.DEPT_ID, userInfo.getDeptId())
				.set(TokenConstant.ROLE_ID, userInfo.getRoleId())
				.set(TokenConstant.OAUTH_ID, userInfo.getOauthId())
				.set(TokenConstant.ACCOUNT, userInfo.getAccount())
				.set(TokenConstant.USER_NAME, userInfo.getAccount())
				.set(TokenConstant.NICK_NAME, userInfo.getNickName())
				.set(TokenConstant.ROLE_NAME, Func.join(userInfo.getRoles()))
				.set(TokenConstant.AVATAR, Func.toStrWithEmpty(userInfo.getAvatar(), DEFAULT_AVATAR))
				.set(TokenConstant.ACCESS_TOKEN, accessToken.getToken())
				.set(TokenConstant.REFRESH_TOKEN, createRefreshToken(userInfo).getToken())
				.set(TokenConstant.TOKEN_TYPE, TokenConstant.BEARER)
				.set(TokenConstant.EXPIRES_IN, accessToken.getExpire())
				.set(TokenConstant.TENANT_ID, Func.toStrWithEmpty(userInfo.getTenantId(), DEFAULT_TENANT_ID))
				.set(TokenConstant.DETAIL, userInfo.getDetail());
		} catch (Exception ex) {
			throw new ServiceException(ex.getMessage());
		}
	}

	/**
	 * 创建refreshToken
	 *
	 * @param userInfo 用户信息
	 * @return refreshToken
	 */
	private static TokenInfo createRefreshToken(UserInfo userInfo) {
		Map<String, Object> param = new HashMap<>(16);
		param.put(TokenConstant.TOKEN_TYPE, TokenConstant.REFRESH_TOKEN);
		param.put(TokenConstant.USER_ID, Func.toStr(userInfo.getId()));
		param.put(TokenConstant.DEPT_ID, Func.toStr(userInfo.getDeptId()));
		param.put(TokenConstant.ROLE_ID, Func.toStr(userInfo.getRoleId()));
		return SecureUtil.createJWT(param, "audience", "issuser", TokenConstant.REFRESH_TOKEN);
	}

}
